bogus random entropy sources
bogus random entropy sources
Posted Oct 5, 2010 21:58 UTC (Tue) by nowster (subscriber, #67)In reply to: bogus random entropy sources by jzbiciak
Parent article: Solid-state storage devices and the block layer
It's actually a hard problem to provide a cheap reliable hardware random number generator. If you look at the effort that a device like Simtec's Entropy Key takes to ensure that each chunk of randomness it delivers is truly random, you'll see why a random number generator is not something that a CPU designer should drop on a spare corner of a CPU die last thing on a Friday afternoon. Semiconductor junction noise generators can be affected by environmental influences: an RNG on a CPU die running hot might have a bias compared with the same one when the CPU is idle and cooler.
Posted Oct 6, 2010 3:51 UTC (Wed)
by jzbiciak (guest, #5246)
[Link] (1 responses)
I linked this whitepaper above on the technique VIA used on its C3. They used multiple free-running oscillators to gather entropy. The resulting output varies in quality, from 0.75 to 0.99 bits of entropy per output bit, depending on the decimation factor used and whether or not you enable von Neumann whitening. Given that it generates entropy in the megabits/second range, this is several orders better than you can get from hard disk seeks and user keystrokes, even if you have to throw most of the numbers away. And, given the high apparent entropy of the raw bits, you don't really need to throw many away at all.
Posted Oct 7, 2010 12:28 UTC (Thu)
by nix (subscriber, #2304)
[Link]
bogus random entropy sources
bogus random entropy sources